Phase 2 Data Privacy Plan — University of Washington ITS4US Deployment Project
-
2022-11-22
-
-
Series: ITS4US Phase 2 and Phase 3
Details:
-
Creators:
-
Corporate Creators:
-
Corporate Contributors:United States. Department of Transportation. Intelligent Transportation Systems Joint Program Office ; United States. Department of Transportation. Federal Highway Administration ; United States. Department of Transportation. Office of the Assistant Secretary for Research and Technology ; United States. Department of Transportation. Federal Transit Administration
-
Subject/TRT Terms:
-
Publication/ Report Number:
-
Series:
-
Resource Type:
-
Geographical Coverage:
-
Contracting Officer:
-
Corporate Publisher:
-
Abstract:This document is the Data Privacy Plan (DPP) for the University of Washington’s (UW) Transportation Data Equity Initiative (TDEI) Project for the United States Department of Transportation’s (USDOT) ITS4US Program. The DPP provides details about how the privacy of participants in the UW’s ITS4US project will be protected. The DPP describes actions that will be taken to protect the privacy of users, guard against potential breaches of the system, and prevent unauthorized use of sensitive participant data, specifically Sensitive Personally Identifiable Information (SPII) and other Personally Identifiable Information (PII). Much of this DPP is informed by the Phase 1 Data Management Plan (DMP), with updates made based on design developments that occurred between Phase 1 and Phase 2. The TDEI system can meet the requirements of protecting user privacy because the TDEI system itself does not collect PII and SPII as part of its regular data transactions; for those transactions, the PII is exchanged between the digital device end users and the application developer. This data flow exists outside of the TDEI system that is being developed as part of the USDOT ITS4US program. The primary instance of PII in the TDEI project is data collected from the 40 participants that are being recruited—through an informed consent process—to demonstrate use of the TDEI system through a separate mobile application for the purpose of evaluating the TDEI. Limited PII – primarily an email address – also exists in the TDEI system’s authorization service. The TDEI requires users to register and create a user account to access data in the TDEI; there are no restrictions on who can receive a user account. The primary purpose of requiring users to create accounts is so that TDEI can communicate with users and notify them of system updates and manage accounts that violate TDEI usage policies. This limited PII data will reside within the TDEI system, but will be stored separately from the operational data, and will be managed with privacy in mind. Steps are outlined to discuss how the PII data – both from the 40 participants and the limited PII in the TDEI – will be safeguarded.
-
Format:
-
Funding:
-
Collection(s):
-
Main Document Checksum:
-
Download URL:
-
File Type: